Is it true that meltdown and spectre were intended as debug tools?
It's not even remotely true. Although you can use a Meltdown or Spectre attack to inspect the internals of a program in the way a debugger can, a proper debugger is much faster, easier, and more reliable.
A normal debugger uses documented API/syscall/instruction to look at state of a process it is permitted to access. Just being a debugger alone cannot bypass OS memory protection, otherwise anyone who knows how to download stuff can gain admin access on any system.
Meltdown and spectre attacks use (previously) undocumented and unintended side-effects of certain internal processor design flaws to exfiltrate information that the attacking code are not permitted to access.
In addition, these attacks (Meltdown in particular) are not very good for debugging purposes as they can only passively observe memory on a probabilistic level. A deliberate backdoor used for debugging, e.g. JTAG on embedded systems, would allow direct and realtime memory access.
I heard from a guy that's involved in low-level (assembler, C for drivers and OSes) programming, that meltdown and spectre weren't actually vulnerabilities discovered only so recently, but they were openly known as debug tools
They may've gotten their wires crossed with another major vulnerability that was apparently recommended as a debugging tool about 1.5 months back.
The vulnerability's described in
- "macOS bug lets you log in as admin with no password required", ArsTechnica (2017-11-28),
which was disclosed in a thread on the Apple Developer Forums as a potential solution about 2 weeks before it made the news as a major security flaw:
Solution 1:
On startup, click on "Other"
Enter username: root and leave the password empty. Press enter. (Try twice)
If you're able to log in (hurray, you're the admin now), then head over to System Preferences>Users & Groups and create a new Admin account.
-response in "Updated to High Sierra, all Admin accounts now Standard", Apple Developer Forums
This vulnerability made a lot of news, and folks were cracking jokes about how it was casually disclosed as a helpful hint on the forums.